Query on Resolver(9.2.3) w.r.t to DNSSEC

Gany ganiee at rediffmail.com
Tue Nov 23 06:33:32 UTC 2004

Hi ,
            Iam currently working on porting DNS BIND 4.8 to DNS BIND
9.2.3. I have a specific query regarding the role of resolver library
Does DNS BIND 9.2.3 support caching and verification of RRs (resourse
on the resolver library part by default?

We are trying to port 4.8 resolver code to 9.2.3 resolver code. Since
Our platfrom doesn't support OPenssl, we are trying to lookout for
this option. we wanted to know, whether by default any authentication
is enabled at the resolver part in BIND 9.2.3.

We understand that RFC2535 states CD and AD bit. If CD bit is set,
then resolver doesn't do auth and integrity tests. Is this CD bit
disabled or enabled in BIND 9.2.3?
To reiterate the whole question again, we wanted to know the role of
resolver with respect to DNSSEC in BIND 9.2.3!

Since, we are pretty new to DNSSEC, we need your valuable inputs on
the above query.


More information about the bind-users mailing list